Terrorists are computer savvy. This is a fact that has been recognized by those who are in the trenches fighting a cyber war against them. It may seem counterintuitive that groups that commit brutal acts of violent extremism should be so proficient in cyber technology. But online defenders such as U.S. Cyber Command (USCYBERCOM), as well as a host of other unofficial cybercombatants, are well aware of the capabilities of violent groups such as the Islamic State to use online tools in advancing their purposes.
The Terrorist Online Presence
In May 2016, Microsoft posted a blog in which they detailed efforts to eliminate terrorist content on all of their hosted platforms. Twitter, Facebook and Google's YouTube have made similar announcements in recent years. Such efforts have been compared to the popular 1970s arcade game Whac-a-Mole, where a user's efforts to eliminate the pesky rodents eventually become futile as they resurface elsewhere at increasing speed. A growing and diffuse community of terrorists and their sympathizers makes this aspect of the cyber war against terrorism increasingly difficult.
The game would be comedic if it weren't so deadly. “ISIS has been recruiting hackers for some time now,” says J.M. Berger, co-author of the 2015 book “ISIS: The State of Terror.” “Some are virtual collaborators from a distance, but others have been recruited to emigrate to Syria.” An article in The Guardian describes how Islamic State hackers were able to break into the Twitter and YouTube accounts of the U.S. Central Command (USCENTCOM) and scrawl the words “I love you Isis” across the page. Incidents like these make you wonder about the vulnerabilities of cyberspace (not to mention the mindset of terrorists with a sense of humor). (For more on hacking, see For the Love of Hackers.)
Grey Hats and Patriotic Hackers
Some private citizens have taken the cyber war against terrorism into their own hands. The self-proclaimed “grey hat hacktivist” who goes by the moniker “The Jester” was named as one of the 30 Most Influential People on the Internet by Time Magazine in March, 2015. The former military member has his own blog and can be found at “#jester on irc.j2p darknet.” This probably means little to those of us who use the internet for innocent things like email and online shopping. You can read more about The Jester's journey through the internet underworld in his interview with Homeland Security Today.
NBC5 Chicago stated in their report on so-called “patriotic hackers” that “they operate on their own without law enforcement and follow their own set of rules.” Another example is the hacker group Anonymous. In various efforts, the loose confederation of hacktivists have sought to demonstrate the power of collective action. In what may be considered more of a white hat activity, the group declared war on ISIS after the Paris attacks, and posted a similar video after the ISIS attacks at a Belgian airport and subway station. It's difficult to verify the effectiveness of either The Jester or Anonymous in their cyber battles against terrorist activity. (To learn more about hackers, see 5 Reasons You Should Be Thankful For Hackers.)
Cyber Tools and Weapons
The “Whac-a-Mole” (aka, “whack-a-mole”) efforts of social media outlets like Twitter have had mixed success. For some time they resisted calls to delete Twitter accounts which may have been linked to terrorism, citing freedom of speech. Eventually they incorporated an anti-terrorist stance into their rules on abusive behavior: “You may not make threats of violence or promote violence, including threatening or promoting terrorism.” Google's YouTube developed a “trusted flagger” program which allowed them to take cues from law enforcement agencies for quick elimination of terrorist content. Despite these efforts, the terrorist can simply create a new social media account in minutes. The whack-a-mole game can be frustrating.
Another headache for those fighting terror is the growing use of encryption, a free technology that is easy to replicate. FBI Director James Comey stated that “if the challenges of real-time interception threaten to leave us in the dark, encryption threatens to lead all of us to a very dark place.” One such encryption tool that is easily available is an app called Telegram. On its website it boasts: “And if you want secrecy, try our device-specific Secret Chats with self-destructing messages, photos and videos.” It is believed that the perpetrators of the terrorist acts in Paris and Brussels may have used such technology before and during the attacks.
CNAP, the Threat of Cyberterrorism and Cyber Bombs
On February 9, 2016, the Obama administration released a factsheet called the Cybersecurity National Action Plan (CNAP). It calls for “bold actions to protect Americans in today's digital world.” The president's plan includes:
- A “Commission on Enhancing National Security”
- The transformation of government through a $3.1 billion Information Technology Modernization Fund
- Encouraging Americans to improve security by using multi-factor authentication
- The investment of $19 billion dollars in cybersecurity for fiscal year 2017
The cyber war is multi-faceted, and it encompasses much more than terrorism. According to Dr. Thomas Rid of King's College London's Department of War Studies, cyber attacks may be related to 1) crime; 2) espionage; 3) subversive hacktivism; 4) or cyber sabotage. Dr. Rid believes that true cyberterrorism – causing physical harm through digital means – is actually rather difficult, because it requires not only the technical skills but also the “target intelligence.” The precise information needed to target key infrastructure points – say, within the electrical power grid – is not so easy to obtain. Also Dr. Rid thinks that cyberterrorism may be less likely because it would not have the emotional appeal of some more bloody and brutal act.
In April, 2016, Defense Secretary Ashton Carter revealed to the U.S. Senate details about the Pentagon's plan to wage cyber warfare against the Islamic State. Carter said that the objectives are to interrupt:
- Command and control of the Islamic State
- Its ability to move money around
- Its ability to tyrannize and control populations
- Its ability to recruit externally
According to CNN, Deputy Secretary of Defense Robert Work told a group of reporters that the U.S. Is “dropping cyber bombs.” He went on to say that “right now it sucks to be ISIL (ISIS).”
It would be a mistake to underestimate the cyber capabilities of terrorists, particularly the Islamic State. The computer security expert John McAfee stated that “they are far more clever in the cyber services than we ever gave them credit for.” Combating terrorists online is no easy job. Matthew Green, who teaches computer security at Johns Hopkins University, said that “there's too much communication for us to listen to it all, even if none of it is encrypted.” Defeating terrorist groups like ISIS through cyber warfare requires every technical resource at our disposal. That could explain why grey hats like The Jester have never been outed or faced criminal charges. And shady groups like Anonymous might even be cheered at the suggestion that they could make headway against the enemy of civilization called violent extremism.